KEY MANAGEMENT FOR ENCRYPTION/DECRYPTION SYSTEMS

FIELD OF THE INVENTION

This invention relates to the generation of key words for a data encryption/decryption system, storage of the key words in a transportable storage device, and subsequent transfer of the key words from the transportable storage device to the data encryption/decryption system by means of a suitable data interface.

BACKGROUND OF THE INVENTION

In a digital data encryption/decryption system for protecting data in communication channels, such as a system utilizing the algorithm described in Federal Information Processing Standard Publication 46 and available through the National Technical Information Service, it is necessary to generate and insert a key word or words into the encryption/decryption modules which terminate the secure data communication transmission path. These modules may be in the form of separate encryption/decryption modules at the computer/transmission line interface. The security of the entire system depends upon the security of the key words from the time of generation through transportation to the encryption/decryption module and thereafter. Such security can be breached with subsequent loss of valuable data and/or unauthorized computer access resulting in monetary loss of one sort or another to the computer system owner or user. It is therefore desirable that a secure system for generating, transporting and holding of key words be made available to the data processing industry.

SUMMARY OF THE INVENTION

It is therefore an object of the instant invention to provide a secure method and mechanism for generating, transporting and using key words in a secure data transmission system.

According to one aspect of the invention, a key word or words are generated by an electronic generating module under command of an operator with no human having a knowledge of the identity of the key words so generated.

According to another aspect of the invention, at least one key word is electronically transferred to a transportation module from a generating module without knowledge of the identity of the key word by any human.

According to still another aspect of the invention, key words are electronically transferred from a transportation module to an encryption/decryption module without human knowledge of the identity of the key words.

According to yet another aspect of the invention, key words transferred from a transportation module to an encryption/decryption module are simultaneously destroyed in the transportation module thereby lending an additional level of security to the data transmission system.

According to a further aspect of the invention, access to key words in the system modules is restricted to persons having access authority; non-authorized access causes destruction of the key word in storage.

According to a still further aspect of the invention, a transportation module may be securely shipped by means of a non-secure carrier since access to the key word or words therein is destructive of that information.

These and other aspects and objects of the invention are obtained by means of an electronic random key word generator, a transportation module and encryption/decryption modules, all part of the system of the invention; the system of the invention being more readily understood upon reading of the Detailed Description of the Invention, which follows, together with the drawings, in which:

FIG. 1 is a block diagram of a preferred embodiment of the invention illustrating generation and transportation of major cipher key words;

FIG. 2 is a perspective view of the cipher key generator of the invention with keyboard exposed;

FIG. 3 is a block diagram of the key generator of FIGS. 1 and 2;

FIG. 4 is a diagram showing initial distribution of the pseudo-noise (PN) hardware generated word sequence in the key generator of the invention;

FIG. 5 is a diagram showing non-linear distribution of the PN sequence of FIG. 4 after processing in a data security device chip of the invention;

FIGS. 6A and 6B are a general flow diagram of the keyboard entry routine;

FIGS. 7A through 7NN are a detailed flow diagram of the keyboard entry routine;

FIG. 8 shows the general data entry/edit scheme for the system of the invention;

FIG. 9 is a perspective view of the key loader module; and

FIG. 10 is a table showing format of data loaded into the key loader of FIGS. 1 and 9.

DETAILED DESCRIPTION OF THE INVENTION

The cipher key management system of the invention comprises key generator 32, key loader 34 and one or more security modules 22, 24. Refer, for example, to FIG. 1. Data transmission system 30 comprises computer 20, security modules 22 and 24 interconnected by data line 26 and remote terminal 28. Security modules 22, 24 serve to encrypt and decrypt data information transferred on data transmission line 26. The encryption/decryption algorithm utilized, such as the Data Encryption Standard (DES) specified in Federal Information Processing Standards Publication, Jan. 15, 1977, FIPS PUB 46, National Bureau of Standards, or the like, requires a cipher key or keys. It is important to recognize that in such security systems the algorithm is publicly known and only the cipher key or keys provides security. If the cipher key or keys becomes known to an unauthorized person, data security is breached.

The key management system of the invention provides a high degree of security for the cipher key(s) and thereby for the data transmission system.

CIPHER KEY GENERATOR

Key generator 32 (FIG. 1) provides the necessary hardware for generating cipher key(s) with a high degree of security. It is a stand-alone unit which may be placed in any convenient off-line location in the system. It may appear as shown in FIG. 2. Keyboard 40 is used to enter necessary operator information to key generator 32. Each protected line 26 (FIG. 1) in the data transmission network has an associated unit number and address under which encrypted keys are stored and identified in key generator 32 non-volatile semiconductor memory. Key generator 32 permits an operator to designate from keypad 40 which cipher keys shall be generated for which units, but the keys themselves are produced indirectly by keyboard operation. The keys are produced automatically and randomly by key generator 32 and stored therein in control memory, inaccessible to the outside world except by special provisions, as follows:

A hard copy listing of keys is available from key generator 32 by means of printer 38 which has access to the key generator memory via a rear connector. The use of such a list must be carefully guarded in order to protect the system security, however. In the preferred embodiment of the invention, protection of key word generator 32 contents is provided by dual lock 42, 44 front panel access and, of course, by the secure treatment of key generator 32 module. Key generator 32 keyboard 40 may be used to instruct hard copy output, when that output is desirable.

The operation of key generator 32 may best be understood by reference to FIG. 3, a block diagram of the preferred embodiment of key generator 32. Read only memory (ROM) 50 contains a predetermined program for key generator 32. The key generator program samples eight random numbers (bytes) of 7 bits in length each from pseudo random noise (PN) generator 52 every time a key on keypad 54 is depressed (a total of nine times) and stores them in program buffer 56 for use in the pseudo random noise generator (PRNG) program. The listing does not include the reading and storing of the random numbers (RN) in memory.

The polynomials on which the program works are: 



(1)

and

(2)

where X=2 (Mod 2). 

These polynomials are primitive and irreducible (yielding the longest possible pseudo-random sequences). They are combined in the program in the following way:

PMEM is a buffer of eight bytes in length which stores and shifts 64 bits called and replaced several places in the program. Program buffer 56 is really a register of 64 bits in length and can be visualized as 2 shift registers, one 31 bits and one 32 bits, with an extra bit which contains the output of bit 31 on each shift cycle, with exclusive OR gates only at the outputs where exponents appear, as shown in polynomials (1) and (2), above.

The algorithm basically produces a PN sequence of traveling 1's and 0's, shifted from left to right in FIG. 3. When the algorithm is finished once through, the final PN resides in program buffer 56 ready for output to data security device (DSD) 58 chip. DSD 58 is fully described in copending U.S. patent application Ser. No. 914,831 filed on June 6, 1978 by Leland L. Moy and Robert F. Pfeifer.

Listed below are the steps taken, according to one embodiment of the system of the invention, to use DSD 58 to randomize key words:

(1) Load 9 bytes of seed memory into program buffer 56 from 7-bit PN generator whenever a key of keypad 54 is depressed.

(2) Call pseudo random noise generator program to generate PN.

(3) Correct PN for parity (PNp).

(4) Load PN in DSD 58 major key register.

(5) Call pseudo random noise generator program to get a new PN.

(6) Load new PN into DSD 58 data register.

(7) Enable DSD encryption.

(8) Read new data and correct parity.

(9) For next eight byte PN code, repeat steps 2 through 9.

Once the above process is complete, the data in program buffer 56 is the new PN to be used in the system of the invention.

PN generator 52 is sampled the first nine times an operator strikes key pad 54, nine random events, and the remainder of the keys are generated from that initial PN and then further randomized by the algorithm of DSD 58; see FIGS. 4 and 5 for the effect of this further randomization.

The data input procedures for key generator 32 of the preferred embodiment of the invention are set out below. Of course, other hardware and procedures may be utilized as will be clearly understood by one skilled in the art.

Key generator 32, FIG. 1 prompts the user for the data it requires at each input step. Each prompt consists of a hexadecimal character (0-F) followed by a decimal point. The prompts are:



Prompt    Description

0.        Operation:
1.        1st Half of Key:
2.        2nd Half of Key:
5.        Edit:
8.        Unload Counter
A.        Access Code:
C.        Channel:
D.        Device:
E.        Error:
F.        Function:

The prompts are displayed on keyboard panel 40 of key generator 32 (see FIG. 2) prior to each required keyboard input. A detailed description of the data entry and error correction input procedures required for each of the prompts 0-F is given below.

Prompt 0

Description:

Up to 16 operation codes may be input following a 0 prompt. These codes identify the operation to be performed by the key generator.

Valid Data:

Any of the following two digit codes can be used.

OPERATION NO.    DESCRIPTION

"IMMEDIATE" OPERATIONS

00    Test Key Generator Memory (Destroys Contents)
01    Delete All Keys
02    Clear Key Generator Memory
03    Generate Random Keys For All Blocks
04    Test Keyloader Memory
05    Use Typewriter Terminal For I/O
06    Use Keypad & LED Display For I/O
07    Print all Stored Keys to Typewriter Terminal
08    Print System Description (No Keys) to Terminal

"PROMPT SEQUENCE" OPERATIONS

11    Delete Specified Keys From Storage
12    Delete Specified Blocks from Storage
13    Generate Random Keys For Specified Blocks
14    Enter Key Manually
15    Display Keyloader Unload Counter (One at a Time)
16    Load Keyloader With Specified Keys
17    Print Specified Blocks to Typewriter Terminal

All other values are invalid. The following operations may be "AND"ed together: 05, 05, 13, 17.
Valid Functions:

AND, ENTER, SCAN, FWD, REV

Input Procedure:

When the system is started up, two LEDs LIP 46 and KLP 48 on the front panel will go on for a short period of time. When they go out, the user presses the "CLR" key and the "0" prompt will appear. The user may then enter a two digit operation code followed by pressing the "AND" or "ENTER" key. The "AND" key is valid for only the operations 03, 05, 13 and 17. For a string of data "AND"ed together, the last input is followed by an ENTER. This indicates the end of the string. If no errors occur, the program will proceed to the next prompt.

Error Conditions:

An error occurs when an invalid operation code is input. This prompt is 04.

Error Recovery:

The only recovery from an 04 error comprises pressing the CLR key twice. This clears all data currently input and allows the user to start inputting data again.

PROMPT 1 (2): (the words in parenthesis, below, refer to prompt (2).)

Description:

The first (second) half, 8 digits, of the hand-loaded key is input following a 1(2) prompt.

Valid Data:

Any combination of 8 hexadecimal digits is valid for this prompt.

Valid Functions:

ENTER, REV, SCAN, FWD

Input Procedure:

The user inputs the 8 digit key value following a 1(2) prompt. The data is entered when the user presses the "ENTER" key. If the user wishes to change the data, he/she must press the scan key so that the data reappears. The display is cleared by pressing the "CLR" key; then new data is entered by pressing the "ENTER" key.

Error Conditions:

None

PROMPT 5:

Description:

The "5" prompt is the last prompt to appear on keypad 40. Data for all other necessary prompts has been entered and the program is awaiting a go-ahead command from the user. The user may backstep to check that data has been entered. Once the user is sure that the data which has been input is correct, he/she may press the "ENTER" key to begin execution of instructions. When the key generator has completed executing the instructions, the "0" prompt will reappear. The key generator is then ready for new instructions.

Valid Data:

None

Valid Functions:

ENTER, REV

Input Procedure:

The user can press either "ENTER" or "REV" when the "5" prompt appears. All other keys are ignored. The "REV" key allows scanning of preceding data and any necessary editing. All data which has been input will be processed when the "ENTER" key is pressed.

Error Conditions:

After "ENT" has been pressed, several error conditions may occur:

E:01: Memory exceeded— the system created by the user's command is too large to be contained in the key generator memory.

E:08: Keyloader memory test failure.

E:09: Duplicate key entered.

E:10: "ALL" invalid for OP15.

E:0A: Memory self-test failure.

E:0B: DSD self-test failure.

PROMPT 8:

Description:

At prompt "8", the user inputs the one digit unload counter. This indicates the maximum number of times that information can be transferred from hand held key loader 34 to network security modules such as 22 or 24.

Valid Data:

Any digit 1 — "F" can be used. An input of 0 (zero) will be ignored.

Valid Functions:

ENTER, FWD, REV, SCAN

Input Procedure:

The user types in one digit following the "8" prompt and then presses the "ENTER" key. The user can change the value when scanning by pressing "CLR", the new data value, and then ENTER.

Error Conditions:

None

PROMPT A:

Description:

Prompt "A" allows the user to input the access code or the user may scan all stored access codes.

Valid Data:

Any two digits may be used except 0 (zero). An input of zero will be ignored.

Valid Functions:

ENTER, FWD, REV, SCAN

Input Procedure:

If the user wishes to scan all stored access codes, the "SCAN" key may be pressed when the "A" prompt appears. To enter data, the user types in two digits following the "A" prompts, then presses the "ENTER" key. Entered data may be changed when the user is scanning by pressing "CLR", the new data value, and then "ENTER".

Error Conditions:

None

PROMPT C:

Description:

At prompt "C" the user may input up to ten, one digit channel numbers. These are stored for later processing. While scanning data to check for errors, the user may delete or replace data.

Valid Data:

Any one-digit input is accepted as valid data (0-F).

Valid Functions:

AND, THRU, ALL, ENTER, FWD, REV, SCAN

Input Procedure:

The user keys in a one-digit channel number and follows it with an "AND", a "THRU", or an "ENTER". An "AND" allows additional entries to follow. A "THRU" requires a second entry so that a range of channel numbers is described (e.g., 7 "THRU" 9 means 7, 8 and 9). "ENTER" following a sequence and "AND" and "THRU" entries, terminates the sequence and brings up the next prompt.

The user may, instead of the above, press the "ALL" key followed by "ENTER". Immediately after "ALL" is pressed, the display will show "CO F" representing zero thru "F" (all possible values). After "ENTER" is pressed, the next prompt will appear in the display. The "ALL" entry is only valid if the system currently described in key generator 32 memory 50 (FIG. 3) contains one or more blocks with the same access code as that entered under prompt "A". "ALL" has precedence over all other function keys, so if a sequence of data, "AND" and "THRU" keys has been keyed in, then "ALL" and "ENT" are keyed in, the original sequence will be replaced by the "ALL" condition.

Error Condition:

An E.03 is displayed when the final value is smaller than the initial value for a "THRU" entry; e.g., 7 through

An E.02 is displayed if the "ALL" key was pressed but no block with the required access code currently resides in the key generator's memory.

Error Recovery:

Press "REV" to return to the "C" prompt, then "SCAN" and correct or delete the erroneous data.

Prompt D:

Description:

At this prompt, the user inputs the two digit identification number(s) of some device(s) that is to be the destination of the keys generated. Data input may be a range of values, a single value, or "ALL".

Valid Data:

Any two digit code (00 - "FF") is valid input. For a range of values, the first value must be smaller than the final value.

Valid Functions:

THRU, ALL, ENTER, FWD, REV, SCAN, THRU

Input Procedure:

To input a single value, the user presses two digits then "ENTER". A range of values is input by entering two digits, "THRU", two more digits, and "ENTER". When the "ALL" key is pressed the display will be d.00—FF. This is used to indicate that all currently defined devices will be used. The user must then press "ENTER" to get this data input.

Error Conditions:

An "E.03" is displayed when the final value is smaller than or the same as the initial value in inputting a range of codes.

An "E.02" is displayed if the "ALL" key was pressed but no block with the required access code currently resides in the key generator memory.

Error Recovery:

The user must press "REV" to get back to the "D" prompt and then he must input valid data.
Prompt E:

Description:

Prompt "E" is actually an error indicator. The "E" will appear followed by a two digit error code. To recover from most errors, the user must press the "REV" key to back step to the prompt in which the error occurred and then correct the mistake. If an error occurs during prompt "0", the user must strike the "CLEAR" key twice to recover.

Error Code    Explanation

E.01          Key Generator Memory Exceeded
E.02          System Undefined
E.03          Invalid Range
E.04          Invalid "Operation"
E.05          Invalid "And"
E.06          Too Many Data Entries
E.07          Parity Error
E.08          Keyloader Memory Fault
E.09          Faulty Key Creation
E.0A          Key Generator Memory Fault
E.0B          Key Generator DSD Fault
E.0C          Program Error Trap
E.0D          Invalid Data
E.0E          No Such Block In Key Generator
E.0F          No Such Block In Key Loader
E.10          "All" Key Invalid In Operation No. 15
E.11          Keyloader Memory Exceeded

Valid Data:

None

Valid Functions:

REV

Input Procedure:

None

Error Conditions:

None

Prompt F:

Description:

At prompt "F" the user can input up to 10 two-digit function codes. These codes are stored in a queue for later processing. While scanning data to check for errors, the user may clear or replace data.

Valid Data:

Any two digit input (00—"FF") is accepted as valid data.

Valid Functions:

AND, ENTER, FWD, REV, SCAN

Input Procedure:

The user types in two digits and follows them with either an "AND" or an "ENTER". An "AND" links together a series of inputs. The "ENTER" indicates that this is all the data the user wishes to enter. Editing is allowed during scans.

Error Conditions:

None

The program residing in key generator 32 memory is described by the flow charts of FIGS. 6, 7 and 8. FIG. 6A and 6B depict the overall structure of the program while FIGS. 7A through 7NN show all of the details. FIG. 8 shows the general data entry/edit scheme. The following notes apply to the flow charts of FIG. 8:

(1) X represents entry of proper number of digits (1 or 2).

(2) This diagram includes all function keys and represents a prompt such as "C". Data entry and edit schemes for other prompts are subsets of this one.

(3) Except for the one case in edit, "CLR" is processed prior to entry into this syntax diagram.

(4) "ALL"-"ENT" supersedes all prior entries under the current prompt, i.e., it cancels all previous entries under the current prompt and replaces them with "ALL".

(5) In edit:

(a) "AND" and "THRU" are only allowed after a multiple entry ("THRU") is cleared.

In such a case:

(1) only 1 "THRU" is allowed for replacing entries; or,

(2) only 2 "AND"s (i.e., up to 3 data entries) are allowed, and

(3) "THRU"s and "AND"s can not be mixed.

(b) After the last entry is displayed (via "SCAN") and the display is blanked (except for the prompt) data can be appended using "AND" and/or "THRU".

It is important to understand that keys generated by key generator 32 are generated as a function of the time at which 8 bit PN generator 52 (FIG. 3) is unloaded. This is determined by the time at which the operator presses certain of the input keys on keyboard 54. Since the clock frequency feeding 8 bit generator 52 is 4 MHz, this means that the time interval for each 8 bit dump is 0.25 microsecond, too short for a human to resolve. Under these circumstances, it is not possible for the operator to bias the random nature of his input because of his inability to resolve the very short intervals. The further processing of each of these 8 bit inputs by means of key generator 32 circuits further ensures that there can be no human knowledge of the generated keys. Key generator 12 (FIG. 1) may be constructed so that opening of the case by means of removal of the front panel will destroy the contents of the internal memory. If an attempt is made to gain access by destructive means, security personnel will be able to note the attempt by observation and the keys would then be changed to counter the security breach. The keys are therefore "known" only to the encryption/decryption system, the generator and the keyloader. Even in those applications requiring a hard copy printout by means of printer 38 (FIG. 1), locks 42 and 44 must be operated, possibly with two different lock tumbler patterns involved and other provisions may be made to alert security personnel to every printout, if such is desirable in a given application. Where extreme security measures are warranted, no printout is provided under any condition.

KEY LOADER

Key loader 34, FIG. 1 serves as a transport medium for the keys developed by key generator 32. Dotted line 36 indicates transportation and a local interface between key loader 34 and key generator 32 and between key loader 34 and security module 22 or 24. In the preferred embodiment of the invention, interface 36 is an optical interface. That is, key loader 34 of FIG. 9 contains light source 80 and light sensor 82 which may be mated to their opposites in either key generator 32 or security modules 22, 24 (FIG. 1). In this way, key data may be fed to or from key loader 34 with complete electrical isolation from the mating devices. The physical appearance of key loader 34 is as shown in FIG. 9. Key loader 34 may, for example, contain 256 key words which are loaded from key generator 32. Loading may take place at a 31,500 bit per second rate. Loading of 256 keys therefore occurs in 2.4 seconds. An additional 15 seconds is required for keyloader 34 self test and key generator 32 search time for a total of 17.4 seconds to load 256 keys. Key loader 34 is capable of self-test functions upon command and response is by means of go/no-go LED signal 84 (FIG. 9). Key loader 34 is an intelligent microprocessor-based unit. Keys are stored in a non-volatile manner in CMOS RAMs maintained by internal battery 86 (FIG. 9). Power is maintained to the memory as long as the case remains intact. If either the front or rear panels are removed, tamper switches (not shown) are deactivated, cutting off power and destroying all memory. If the case integrity of key loader 34 is violated, the damage is apparent to those responsible for security and new keys may be loaded to avoid compromise of key word security. The data blocks loaded in key loader 34 take the form shown in the table of FIG. 10. The first eight bit byte, (0), shown in the table is an access code. This code must match that of one of the security modules into which the key word will ultimately be loaded. The second byte, (1), corresponds to a device number assigned to a security module to be loaded. The next two bytes, (2) and (3), identify the system communication channel number. The fifth byte, (4), identifies a function code, for example, the function code identifies the type of key word present in bytes 6-13 which may be primary, secondary, encrypted secondary, and secondary or encrypted secondary to be down line loaded. The sixth thru thirteenth bytes (5, 6, 7, 8, 9, A, B, C) contain a 64 bit key word as generated by key generator 32 (FIG. 1) and as described above. The fourteenth byte (D) contains a controller address, the fifteenth byte (E) contains a terminal address and the sixteenth byte (F) contains a four bit code N, that determines the number of times that the key word may be loaded into a given security module and a four bit code, M, that is created by keyloader 34 by incrementation each time the key word(s) are loaded into a given security module.

In operation, key loader 34 is filled from key generator 32 and is then transported sequentially to the desired security module(s) 22, 24 in the system. Key loading operations require access to the front panel optical interface of the security module which is revealed after the two mechanical keylocks are opened. (The details are very similar to those of key generator 32, FIG. 2 and thus are not shown separately.) The LED/phototransistor optical interface 80, 82 on the keyloader corresponds to a complementary pair located behind the pull-down front panel of key generator 32 and security module 22, 24, accessible with two key locks 42, 44. The keyloader can store up to 256 keys for approximately 3,000 hours in the unit power down condition. This is made possible by the use of CMOS components. Data is transferred to and from the keyloader at 31,250 bits per second, or one key transfer across the interface point every nine milliseconds. All 256 keys can be transferred in 2.4 seconds plus 15 seconds for key generator and key loader search and self test operations for a total of 17.4 seconds. The CMOS CPU and other components present only a 200 milliamp load to the battery during operation, allowing 3½ to 4 hours of active keyloading with the supplied battery which is rechargeable.

In order to extract keys from keyloader 34, an access code must be selected via code switches that are located on a Key Distribution Interface (not shown) which is located directly behind the front panel of the security module, 22 or 24. Two hexadecimal switches allow eight bits of access code to be presented to the keyloader during transfer of keys. The access code is read by a processor behind the back panel and presented to the keyloader before the keys may be withdrawn. The access code must be selected before operation commences.

The keyloader is aligned for operation by two guide pins 88, 90 located in the security module optical interface cavity. Key transfer operation commences by pressing pushbutton 92 located on the side of keyloader 34, at which time the keyloader will send a wake-up message to the Key Distribution Interface creating an interrupt to the Key Distribution Interface controlling processor. The Key Distribution Interface processor reads the access code and presents it to keyloader 34 in a response message. If keyloader 34 determines that the access code is not identical to the access code previously loaded by key generator 32, the firmware program located inside keyloader 34 eliminates all keys by zeroizing the CMOS memory. If the access code is identical then "key load in progress" lamp 94 lights.

Only one key will be transferred at any one time across the interface until acknowledged. The Key Distribution Interface will stay locked on to the available network security module until all of the keys intended for that security module are loaded. It then retrieves from its log the next available channel determined during the scanning operation, locks onto that channel, and begins transfer as previously described. The Key Distribution Interface will continue until all of the security module channels have been serviced. At that time, it will send a Load Complete signal to the keyloader and operation will cease, causing the "keyload in process" indicator on the front panel to extinguish. It should be noted that each key transferred across the interface will normally be cleared from keyloader 34 memory; no keys will remain after they have been loaded.

A control feature set at keyloading from key generator 32 to keyloader 34 allows each key to be given an "unload count" which is the number of times that specific key can be used. Each time that key is unloaded the count is decremented. When the count reaches zero, that key is cleared from key loader 34 and is no longer available.
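
The 16-byte key loader data block (the FIG. 10 description) and the access-code and unload-count behavior described above can be modeled as follows. This is an added Python example, not code from the patent; the class and function names are hypothetical, the sample values are constructed, and the nibble order of N and M in byte F, the big-endian channel number, the matching of blocks by access code and device number, and the reading of "correct PN for parity" as DES odd parity are assumptions.

```python
from dataclasses import dataclass

BLOCK_LEN = 16  # one key loader data block, bytes 0..F


def fix_odd_parity(key: bytes) -> bytes:
    """Set the low bit of each byte so the byte has odd parity.

    Assumption: "correct PN for parity" means the DES key convention
    (FIPS PUB 46), which leaves 56 effective key bits out of 64.
    """
    out = bytearray()
    for b in key:
        upper = b & 0xFE
        out.append(upper | (0 if bin(upper).count("1") % 2 else 1))
    return bytes(out)


@dataclass
class KeyBlock:
    access_code: int     # byte 0
    device: int          # byte 1
    channel: int         # bytes 2-3 (big-endian is an assumption)
    function: int        # byte 4: type of key word
    key_word: bytes      # bytes 5-C: 64-bit key word
    controller: int      # byte D
    terminal: int        # byte E
    max_loads: int       # byte F, code N (high nibble is an assumption)
    loads_done: int = 0  # byte F, code M (low nibble is an assumption)

    def pack(self) -> bytes:
        if len(self.key_word) != 8:
            raise ValueError("key word must be 64 bits")
        if not 1 <= self.max_loads <= 0xF or not 0 <= self.loads_done <= 0xF:
            raise ValueError("N must be 1..F and M must be 0..F")
        return (bytes([self.access_code, self.device])
                + self.channel.to_bytes(2, "big")
                + bytes([self.function]) + self.key_word
                + bytes([self.controller, self.terminal,
                         (self.max_loads << 4) | self.loads_done]))

    @classmethod
    def parse(cls, raw: bytes) -> "KeyBlock":
        if len(raw) != BLOCK_LEN:
            raise ValueError("block must be exactly 16 bytes")
        return cls(raw[0], raw[1], int.from_bytes(raw[2:4], "big"), raw[4],
                   bytes(raw[5:13]), raw[13], raw[14], raw[15] >> 4, raw[15] & 0x0F)


class KeyLoader:
    """Hypothetical model of the key loader's stored blocks."""

    def __init__(self):
        self._mem = []  # list of bytearray, one per stored block

    def fill(self, blocks):
        self._mem = [bytearray(b.pack()) for b in blocks]

    def stored(self) -> int:
        return len(self._mem)

    def zeroize(self):
        for cell in self._mem:
            cell[:] = bytes(BLOCK_LEN)  # overwrite key material in place
        self._mem = []

    def unload(self, presented_code: int, device: int):
        """Return the blocks released to the module that presented the code."""
        if not any(cell[0] == presented_code for cell in self._mem):
            self.zeroize()  # wrong access code: every stored key is destroyed
            return []
        sent, kept = [], []
        for cell in self._mem:
            blk = KeyBlock.parse(bytes(cell))
            if blk.access_code != presented_code or blk.device != device:
                kept.append(cell)
                continue
            blk.loads_done += 1  # M counts loads of this key word
            sent.append(blk)
            if blk.loads_done >= blk.max_loads:
                cell[:] = bytes(BLOCK_LEN)  # unload count used up: clear the key
            else:
                cell[15] = (blk.max_loads << 4) | blk.loads_done
                kept.append(cell)
        self._mem = kept
        return sent


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    key = fix_odd_parity(bytes.fromhex("00ff10a55a3c7e81"))
    loader = KeyLoader()
    loader.fill([KeyBlock(0x2A, 0x07, 3, 0x01, key, 0x10, 0x20, max_loads=2),
                 KeyBlock(0x2A, 0x08, 3, 0x01, key, 0x10, 0x21, max_loads=1)])
    print(len(loader.unload(0x2A, 0x07)), loader.stored())  # first load
    print(len(loader.unload(0x2A, 0x07)), loader.stored())  # count exhausted
    print(len(loader.unload(0x99, 0x08)), loader.stored())  # wrong code
```

The model treats "M reaches N" as the point where the text's unload count reaches zero, so the key word is overwritten on its last permitted load.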

While the above is addressed to the generation,
transportation and use of major cipher keys, the system
may also be used for secondary keys. These are cipher keys
which would be entered into one of security modules 22, 24
and transported via the communications network to the
other. (See FIG. 1.) Communication of a secondary key via
the data network 26, for example, is followed by a
verification signal in the reverse direction. Upon
verification, the new secondary key replaces the old
without the necessity of actually transporting keyloader
module 34 to both sites. The secondary key may be
encrypted or not encrypted according to system and
security requirements. Of course, the verification
procedure may be and would be expected to be used after
input of major or primary keys, as well. Flow charts of
FIGS. 6, 7 and 8 and the chart of FIG. 10 are illustrative
of the details for accomplishing input and verification of
both primary and secondary keys in a preferred embodiment
of the invention.

While the invention has been particularly shown and
described with reference to a preferred embodiment
thereof, it will be understood by those skilled in the art
that various other modifications and changes may be made
to the present invention from the principles of the
invention described without departing from the spirit and
scope thereof, as encompassed in the accompanying claims.
Therefore, it is intended in the appended claims to cover
all such equivalent variations as come within the scope of
the invention as described.

What is claimed is: 

1. In a data encryption/decryption system employing
key word security wherein secure data is transferred
between at least two security modules, the improvement
comprising:

means for generating at least one key word, said
generating means being responsive to the times of an
operator's switch input to generate said at least one
key word; and

keyloading means for storing and transporting said at
least one key word, said keyloading means and
said generating means having interfaces thereon for
transferring said at least one key word from said
generating means to said keyloading means in a
form readable only by the system.

2. The system according to claim 1 further comprising:

means for interfacing said keyloading means with at
least one of the security modules for transferring
said at least one key word from said keyloading
means to said at least one of the security modules in
a form readable only by the system.

3. The system according to claim 2 further comprising:

means for destroying said at least one key word
responsive to an unauthorized attempt to read said at
least one key word contained in at least one of said
generating means, said keyloading means and said
security modules.

4. The system according to claim 2 further comprising:

means for destroying said at least one key word in
said keyloading means responsive to said at least
one key word being transferred from said keyloading
means to a predetermined number of the security
modules.

5. The system according to claim 2 wherein said at
least one key word comprises at least one primary key
and at least one secondary key.

6. The system according to claim 2 wherein said form
comprises a predetermined format.

7. An improved method for generating a key word
for an encryption/decryption system employing key
word security, comprising the steps of:

clocking a pseudo random noise generator register at
a rate too high for human resolution;

inputting a plurality of bits in said pseudo random
noise generator register responsive to timing of
manual switch operations to generate a random
number;

operating on said random number with an encryption
algorithm to generate the key word; and

transferring the key word to a key loading module,
the key word being in a form readable only by the
encryption/decryption system.

8. The improved method according to claim 7 further
comprising the step of:

transferring the key word from said key loading module
to at least one encryption/decryption module
of said encryption/decryption system, the key
word being in a form readable only by the
encryption/decryption system.

9. The improved method according to claim 8 further
comprising the step of:

destroying the key word in said key loading module
after said step of transferring the key word from
said key loading module to said at least one
encryption/decryption module.

10. The improved method according to claim 8 further
comprising the step of:

destroying the key word in any of said modules of the
system responsive to an unauthorized structural
breach of said any module.

11. The method according to claim 8 wherein said
key word comprises at least one primary key and at
least one secondary key.

12. The method according to claim 8 wherein said
form comprises a predetermined format.

***** 